O Futuro da Informação
O Futuro da Informação
@npm_malware
📣 We tweet malicious packages detected on npm in real-time. 🚨 Not affiliated with @npmjs or @github. 🛡 Powered by the @SocketSecurity threat feed. ✨
⚠️ New threat detected: devkit-scripts@1.0.3 ⚠️ Attributed by the Socket Threat Research Team to North Korea’s **“Contagious Interview”** operation, this package is a **multi-stage Node.js infostealer/loader** that executes immediately on install, st... socket.dev/npm/package/de…
⚠️ New threat detected: ozonex-sdk@1.0.5 ⚠️ This module is a high-risk remote code execution loader. It decodes hidden outbound URLs, downloads arbitrary JavaScript from the network, and executes it by streaming the payload into detached Node.js chil... socket.dev/npm/package/oz…
⚠️ New threat detected: angklarjs@1.1.4 ⚠️ The code performs unauthorized exfiltration of sensitive system information to an external Discord webhook without user consent. This constitutes malicious behavior consistent with spyware or backdoor malwar... socket.dev/npm/package/an…
⚠️ New threat detected: aoi.js@4.5.0-dev.7da9206.1628131335 ⚠️ This module is an interpreter for bot command code and performs dynamic loading/execution of per-function modules and sends outputs to Discord. The file itself does not contain obvious ha... socket.dev/npm/package/ao…
⚠️ New threat detected: insane-unlimited-vc-glitch-for-nba-2k22-full-tutorial-537@1.0.2 ⚠️ The code engages in automated package creation and publishing, with the addition of posting content to WordPress sites using hard-coded credentials. This indic... socket.dev/npm/package/in…
⚠️ New threat detected: @gbrlxvii/ts-env-validator@1.0.5 ⚠️ This module is highly likely malicious. It performs credential discovery (environment/proc scanning, credential file harvesting, IMDS/GCP+AWS metadata probing for service account and IAM-re... socket.dev/npm/package/@g…
⚠️ New threat detected: apple-psh@4.0.3 ⚠️ This code collects extensive system information—including hostname, OS type, platform, release, architecture, local IP, current user, and working directory—and fetches the public IP from https://api64[.]ipif... socket.dev/npm/package/ap…
⚠️ New threat detected: ikyy@4.0.5 ⚠️ The code sends user-provided HTML content to an unknown external domain (sl[.]rzkyfdlh[.]tech/createhtml) via HTTP GET requests without adequate validation, user consent, or security controls. This creates a pote... socket.dev/npm/package/ik…
⚠️ New threat detected: @zohodesk/react-cli@1.1.27-exp.2 ⚠️ The code performs unauthorized exfiltration of sensitive internal project data (package name, version, git commit hash) to a suspicious external server without user consent. This behavior i... socket.dev/npm/package/@z…
⚠️ New threat detected: @zohodesk/react-cli@1.1.28-exp.2 ⚠️ The code performs unauthorized exfiltration of sensitive internal project data (package name, version, git commit hash) to a suspicious external server without user consent. This behavior i... socket.dev/npm/package/@z…